Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The 'read' npm package is a simple utility for reading user input from the command line. It is often used to prompt users for information in a synchronous manner, making it useful for command-line applications and scripts.
Basic User Input
This feature allows you to prompt the user for input and handle the response. The example code asks the user for their name and then prints a greeting.
const read = require('read');
const options = {
prompt: 'What is your name? '
};
read(options, function(err, result) {
if (err) {
console.error('Error:', err);
} else {
console.log('Hello, ' + result + '!');
}
});
Password Input
This feature allows you to prompt the user for sensitive information like passwords without displaying the input on the screen. The example code asks the user for a password and confirms receipt without showing the password.
const read = require('read');
const options = {
prompt: 'Enter your password: ',
silent: true
};
read(options, function(err, result) {
if (err) {
console.error('Error:', err);
} else {
console.log('Password received.');
}
});
Default Values
This feature allows you to provide a default value for the user input. The example code asks the user for their favorite color and defaults to 'blue' if no input is provided.
const read = require('read');
const options = {
prompt: 'What is your favorite color? ',
default: 'blue'
};
read(options, function(err, result) {
if (err) {
console.error('Error:', err);
} else {
console.log('Your favorite color is ' + result + '.');
}
});
The 'prompt' package is a more feature-rich alternative to 'read'. It supports validation, default values, and complex prompts with multiple fields. It is more suitable for applications that require more sophisticated user input handling.
The 'inquirer' package is another alternative that provides a more interactive experience. It supports various types of prompts like lists, checkboxes, and password fields. It is ideal for building interactive command-line interfaces.
The 'readline-sync' package allows for synchronous reading of user input from the command line. It is similar to 'read' but provides more control over the input process, including the ability to handle multiple lines of input.
For reading user input from stdin.
Similar to the readline
builtin's question()
method, but with a
few more features.
var read = require("read")
read(options, callback)
The callback gets called with either the user input, or the default
specified, or an error, as callback(error, result, isDefault)
node style.
Every option is optional.
prompt
What to write to stdout before reading input.silent
Don't echo the output as the user types it.replace
Replace silenced characters with the supplied character value.timeout
Number of ms to wait for user input before giving up.default
The default value if the user enters nothing.edit
Allow the user to edit the default value.terminal
Treat the output as a TTY, whether it is or not.input
Readable stream to get input data from. (default process.stdin
)output
Writeable stream to write prompts to. (default: process.stdout
)If silent is true, and the input is a TTY, then read will set raw mode, and read character by character.
This module works sort of with node 0.6. It does not work with node versions less than 0.6. It is best on node 0.8.
On node version 0.6, it will remove all listeners on the input
stream's data
and keypress
events, because the readline module did
not fully clean up after itself in that version of node, and did not
make it possible to clean up after it in a way that has no potential
for side effects.
Additionally, some of the readline options (like terminal
) will not
function in versions of node before 0.8, because they were not
implemented in the builtin readline module.
Patches welcome.
FAQs
read(1) for node programs
We found that read demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.